Browsed by
Author: admin

Five Things to Know About Ransomware

Five Things to Know About Ransomware

Since 2005, when the first documented case of a ransomware attack came into existence in the USA, the gravity and frequency of ransomware attacks are increasing relentlessly. The recent back to back ransomware attacks of WannaCry or Wanna Decryptor and NotPetya are the stark testimony of this. The infamous WannaCry alone took hostage of 100,000 organization’s computer in 150 countries world over. The South Korean web hosting provider paid $1 million to the malware attackers, the biggest known payout, to unlock its servers.

Experts believe, in the near future, such ransomware attacks are not going to cease, as organizations world over still lag behind in implementing proactive measures that would act as a possible deterrent. So, to protect and prevent systems in becoming prone to such ransomware attacks in future one ought to know certain key essential things which are as follows:-

Ransomware: It is a kind of malicious software, originating from ‘cryptovirology’- that deals with how to use cryptography to design powerful malicious software, serves two purposes: threatening victim to publish his or her data or encrypting files and information or blocking the entire device which cannot be accessed unless and until ransom is paid in specified time frame, or device is restored to factory setting. The former one is known as ‘crypto ransomware, ’ and the latter one is called ‘locker ransomware.’ In recent attacks attackers used cryptoviral extortion technique; encrypting victim’s files and demanding a ransom payment, usually in cryptocurrencies like Bitcoin, to decrypt them.

Modus operandi of ransomware encryption: It’s a well-organized mathematical-computational activity which involves symmetric and asymmetric algorithm. The attacker generates a key pair, and after placing the public key in malware he or she releases it. Now, for carrying out the cryptoviral extortion attack, the malware generates a random symmetric key and encrypts the victim’s data with it by using the public key already available in the malware. It results in asymmetric as well as symmetric ciphertext of the victim’s data; the symmetric key is used for preventing the recovery, and the asymmetric ciphertext is employed in a pop-up message to the victim that includes how to pay the ransom.

Ransom payment: The victims send the asymmetric cipher text and payment, usually in crypto currencies like Bitcoin as they are anonymous, then after receiving the payment, attacker deciphers the asymmetric ciphertext with the private key that he or she holds, and sends the symmetric key to the victim. Consequently, the victim deciphers the encrypted data with the corresponding symmetric key resulting in getting access to the device or the data though it is not guaranteed and in the process completing a successful crypto-virology attack.

A typical ransom amount: As of now it’s a booming illicit business, so attackers behind the scene as with any business field are following the basic economics rules. The trend shows the lowest ransom, and highest ransom varies wildly in numbers. Most of the cases have shown an average of $700 ransom demand; however, the 20% cases have as much as $1300 ransom demand. Overall, it seems that they’re testing the waters and apparently ‘price elasticity of demand’ is doing the runs.

Risk Mitigation: Updation of software coupled installing regular security updates released by software vendors, application control, keeping “offline backups” of data and critical essentialities, greylisting, removal of local administrator rights are some effective measures to prevent & protect devices and data from any possible ransomware attack.

Big Data in the Cloud: Reaching the Tipping Point

Big Data in the Cloud: Reaching the Tipping Point

In the contemporary world of Information Revolution, big data has come to the fore, and business intelligence is the torchbearer in the exploration of uncharted territories of new business opportunities. Companies such as Uber and Airbnb, which run purely on data generated from apps, are the biggest disruptors on today’s business scene. They have accurately shown the enormous actionable potential of big data generated through the internet.

In this backdrop, we are going to discuss Big Data in the Cloud as today there are plenty of cloud-service providers that offer data storage and analytics services to enterprise customers.

We are considering Big Data keeping in perspective Cloud since early big data projects were in the realm of in-house exercises. But, today there are increasingly great success stories of big data are coming out in public; it shows the newly found world of the digital-oriented business environment. Further, it is staunchly advocating in favour of cloud-led data and analytics to get the utmost success in business endeavors. Some strong points make a case for cloud-led data and business analytics to make the businesses ever-prospering.

Big Data: A Big Project:-

A decade or five years ago when most of the enterprises exercised big data projects in-house, even knowing that it is not going to easy, with excellent planning and organization, they failed. The glaring reason was – lack of requisite skill sets that were scarce at that point of time, “brain drain” was also a plausible reason as data scientists ventured out to more rewarding careers.

The role of the Data Scientist: At the inception, even though there were vast lacunae on the infrastructural front, the major fault was with the working module: IT leaders in in-house projects shielded those who analyzed data from those who were managing the operations. But, for smoother conduction of the projects, it is highly recommended that data scientists should work in tandem with the operations team this is because it allows data scientists to fine-tune their models better, streamline processes and at the end of the day bring effectively lower the time needed to squeeze actionable information from humongous data.

Tipping Point: It is an agreed fact that a decade, we were unable to comprehend the vastness and immense potential of big data holistically. Our judgment was proven wrong as we not only inept in accurately understood the complexities of building and executing a big data platform but also in understanding the critical big data roles. But, the current reality is enterprises are leveraging the cloud support as they are now in an enabling position to focus on what’s important: highly tuned analytics. Therefore, companies or enterprises are increasingly migrating their big data endeavors to the public cloud because in coming years that is the actual place where most of the data will reside or is still residing; thanks to the low cost of cloud storage.

Big Data: Great Redemption Coming Into Its Fold: Big data came onto the floor of the business world with a promise to enable business leaders and enterprises to let them have a conscious awareness of their business endeavors and operations. So, herein, data is analyzed to a point where efficacy and efficiency of decisions made will be not compromised, and the process will be smooth even if it relates to real-time analytics. But, early experiences with big data analytics were quite sour in nature so bleak in prospects. Now, these are bygones, outsourcing back-end duties to a third party (big data and analytics to the cloud provider) have unleashed a great opportunity to focus more on making accurate decisions regarding company’s operations in the current and prospective environment.

Seven Tips for Protecting Devices against Cyber Attack

Seven Tips for Protecting Devices against Cyber Attack

New technology promises each day to make our life easier in many convenient ways but the convenience sometime may come at a cost of losing very important things in life.

A cyber attack can be defined in a way “the worst use of technological innovation to penetrate into the private information of someone with some criminal purpose”.  Even the products claiming to be the most secured are also not foolproof or without any flaws. The “Wannacry” ransomware appeared to have used one of the flaws of Microsoft’s software but the true identity of hackers has not been yet discovered. To trace the victims of cyber crime is not that tough but finding the culprit is not at all an easy game. In India, too as a result of demonetization, there is a wave of digitization which makes the whole system more vulnerable & hence it is advisable to stay one step ahead of these criminals & follow these tips to reduce the risk to a great extent.

External Vs Internal Storage:

Once lost is lost forever hence it is advisable to keep a copy of all important documents. We save a wide variety of info on our computer like important contacts and bank account details etc. An external hard drive not connected to the internet can be the best solution to help you not worry about the data loss.

No to unknown mails

The whole game plan is about sending the fraud mails in the name of reputed companies & then asking the user to provide very private & secret information related to credit cards etc. is called as Phishing. Always be cautious before opening the mails from unknown domains, questionable apps or unknown websites.

Yes to Antivirus

Again not all but a percentage of antivirus are capable of detecting & neutralizing the infections. Use antivirus programs from reputable vendors only. Antivirus software can also detect an already existing infection. Scanning files before downloading, blocking secret installations can also be controlled by antivirus software.

Strong Passwords

Instead of using passwords using phrases as your security code are more protective.  On the deep web by gathering some information passwords can be cracked. It is important to change default logins as well.

Download the Newest Version

According to Chris Wysopal, (the chief technology officer of Veracode) the Microsoft released a patch to protect from wannacry & if people had updated their software perhaps such level of disaster would not have happened. Whichever operating system you may use it is imperative to enhance & update security systems regularly.

Firewall

When it comes to cyber devices it means all gadgets connected to the internet which could be CCTV, TV, or even a baby monitor which is meant to keep your baby secure can do very opposite. To block any kind of incoming & outgoing connections install a firewall.

Beware of using public networks

People in our country stand on top for watching Porn stuff and they prefer public Wi-Fi than the personal one for it. Sometimes hackers’ use social media by designing various games & the moment you give it a click you become the victim.

The Impact of Big Data on Banking & Financial System

The Impact of Big Data on Banking & Financial System

The power of data cannot be ignored or underrated. The valuable and immense volume of data stored by banks for decades is now being randomly utilized for various analyses in terms of transactions, till now the financial services which have the reservoir of data were not exploiting it to meet the customer expectations whereas customers expect banks & financial organization to deal with them based on the data they provide. The potential of Big Data to unlock the various aspects in favour of customers & bank is now accepted and is used globally by many countries.

Citigroup providing financial services in 160 countries with over 200 million customer accounts has now adopted the Big Data–driven approach for their own business growth & customer’s benefit. There are certain impacts Big Data can bring into the banking & financial system.

Easy Customer Segmentation/Profiling

With so many complexities & potential risks involved in the banking industry, it is important to understand customer’s behavior & categorize them accordingly. This helps in targeting customers as per the bank’s requirements for business growth. There could be various kinds of product need segmentations involving personal behavior, demographic, and transaction details but all possible with the help of Big Data analysis. Such real time analysis can enhance the growth cycle.

Personalized Product Offerings

Once the categorization is done the data from e-commerce profiles are used to target individuals on their browsing and buying habits. Customer’s interests observed through his actions are later targeted for personalized marketing & to get sale leads.

Risk & Fraud Management

The risk is another side of the coin but financial service’s need to manage fraud & risks is larger than any other industry. Big data allows the bank to avoid bad loans or failed investments through historical data & get a real time alert. Now because of various regulatory requirements and need of time has made many financial firms to implement big data projects to obtain an advantage over their competitors. Big data analysis can make banks to block any transaction seeing the irregular payment transactions on any account. It then helps to prevent any fraud before happening.

Customer Experience

When most of the industries are running with a customer centric approach it then becomes important for the banks & credit services to meet customer’s expectations and understand their preferences. According to a report of McKinsey marketing decisions based on good data analysis can increase the productivity by 15-20%. Though it requires an additional investment of infrastructure for implementation with an output of increased growth, revenue & customer satisfaction its worth paying.

Operation Augmentation

Implementing Big Data improves the flow of overall system with improvements in effectiveness & response time, increased number of automated processes, cost savings, meeting precise requirements instantly, detecting fraud transactions or signals, and different factors which are related to financial risks.

Employee Engagement

With the help of Big Data analytics, not only the top performers but those employees who are either not happy or are struggling can be acknowledged. Instead of following traditional ways to find the details using right analytics by employees helps in bringing out the employee’s performance, accepting the common goal as a team & the overall culture of an organization also improves.

With the digitization increasing day by day, the impact of Big Data on banking & financial services can also be significant.

How to Protect Your Computer from Ransomware?

How to Protect Your Computer from Ransomware?

Want to safeguard your business against the ill-attacks of the ransomware that gave the global arena of the cyber security platform a huge blow? Ransomware, in this case, is being referred to the attacks of the Petya or Not Petya and also the WannaCry which created a huge stir in the esteemed economies of the European countries and certain Asian and American countries. In this post, the people will learn about the best ways to secure or protect the computing devices against the ill-effects of the malware.

When asked about the effects of the ransomware and its effects, the chief of the security of IBM, Wendy Whitmore, who is also the Global Partner and Lead of IBM’s X-Force Incident Response and Intelligence Services, said that on the 27th June, several organizations across 65 various nations had been affected by the malware Petya. This ransomware was previously discovered in the year 2016, in the month of March, and it used to spread primarily through email phishing. Hence, there is a growing concern among many individuals to counter this growing threat of ransomware.

When the machine got infected, the ransomware slowly spread itself and then encrypted the data files of the devices. The malware would grant access to the users when they would pay money to the creator of the malware. When the money was paid once, the malware would provide the users with a definite key decrypt or for restoration of the data. This ransomware is still considered to be running wild, and the users are being warned against clicking on to any unknown link before the verification of the source.

The top ways to secure your computing devices against this malware is given below:

Train your employees to be suspicious. They should be advised not to open any email attachments or click any unknown link. The emails, which they are not expecting can contain the source of this malware.

  • The systems should be upgraded with the latest patches of the OS.
  • Blocking specific ports will also be beneficial in this case.
  • The practice of backing up the data files must also be there.
  • Opt for regular visits by expert IT technicians.

Will ransomware attacks again be present on the global stage?

The answer is very much YES. Ransomware will not stop its spread after this incident, in fact, you may not know, there might be hundreds of it out there created already, waiting for the permission from the creators to take down the world, like literally. So what can you do to combat them? The answer lies in the adopting the method of 2FA on VPN for the internal security of the company’s digital working system. Only with the proper implementation of the Two-Factor Authentication, 2FA for Google Apps and also the secure corporate Mails can save the data to get hacked by the digital cons. You can also try to make sure that you always install the latest version of OS in your office and personal computers to keep instances of ransomware attacks at bay.